Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php web scripts vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2024-24041
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php.
Remyandrade Travel Journal Using Php And Mysql With Source Code 1.0
6.1
CVSSv3
CVE-2024-24945
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php.
Remyandrade Travel Journal Using Php And Mysql With Source Code 1.0
NA
CVE-2003-1251
The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote malicious users to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the cod...
Nx N X Web Content Management System 2002 Prerelease1
2 EDB exploits
NA
CVE-2013-7345
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file prior to 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via a crafted ASCII file that t...
Christos Zoulas File
Php Php
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
NA
CVE-2009-2889
Cross-site scripting (XSS) vulnerability in index.php in PHP Scripts Now Hangman allows remote malicious users to inject arbitrary web script or HTML via the letters parameter.
Phpscriptsnow Hangman -
1 EDB exploit
NA
CVE-2009-2890
Cross-site scripting (XSS) vulnerability in results.php in PHP Scripts Now Riddles allows remote malicious users to inject arbitrary web script or HTML via the searchquery parameter.
Phpscriptsnow Riddles -
1 EDB exploit
NA
CVE-2009-2884
Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote malicious users to inject arbitrary web script or HTML via the rank parameter.
Phpscriptsnow World's Tallest Buildings -
1 EDB exploit
NA
CVE-2009-1151
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x prior to 2.11.9.5 and 3.x prior to 3.1.3.1 allows remote malicious users to inject arbitrary PHP code into a configuration file via the save action.
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.0
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.7
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 2.11.5
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.8
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.2.1
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 3.1.3
3 EDB exploits
2 Github repositories
7.5
CVSSv3
CVE-2015-3640
phpMyBackupPro 2.5 and previous versions does not properly escape the "." character in request parameters, which allows remote authenticated users with knowledge of a web-accessible and web-writeable directory on the target system to inject and execute arbitrary PHP scr...
Phpmybackuppro Phpmybackuppro
7.5
CVSSv3
CVE-2018-16454
PHP Scripts Mall Currency Converter Script 2.0.5 allows remote malicious users to cause a denial of service (web-interface change) via an inverted comma.
Currency Converter Script Project Currency Converter Script 2.0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »